Almost half of all businesses suffered ransomware attack in last 12 months

SentinelOne have published findings from a global survey on the business impact of ransomware, conducted by research firm Vanson Bourne.

The survey of businesses in the U.K., U.S., France and Germany revealed an immediate need for better solutions. In the last 12 months, 48 percent of organisations across the globe have fallen victim to a ransomware campaign, with 80 percent indicating that they’ve suffered from three or more attacks.

According to the survey, in response to ransomware attacks, 67 percent of businesses globally have increased IT security spending, and 52 percent reported that they are changing their security strategies to focus on mitigation. Fifty-four percent also agreed that their organisations have lost faith in traditional cyber security, such as antivirus.

“Ransomware has become one of the most successful forms of cybercrime in 2016 and is on the top of every security professional’s list of most prolific threats,” said Jeremiah Grossman, Chief of Security Strategy at SentinelOne. “It’s not surprising to see high levels of apathy towards traditional antivirus software, and we don’t expect the ransomware epidemic to slow down anytime soon. The situation is likely to get far worse, as some of the ill-gotten gains will be invested into research and development designed to improve encryption strength and utilise new delivery methods, as witnessed with Locky.”

cryptocurrency Ethereum

Global Snapshot: Hacker Motives and Business Responses

According to the survey, 81 percent of respondents globally that suffered ransomware attacks reported that attackers were able to gain access to their organization’s network through phishing emails or social media. Half reported that the attacker gained access through a drive-by-download caused by clicking on a compromised website, while 40 percent stated that the attack came  through an infection via botnet.

Employee information (42 percent), financial data (41 percent) and customer information (40 percent) were the types of data most often affected by these attacks. Respondents identified the most likely motives of their attackers as financial gain (54 percent), operational disruption (47 percent) and cyber espionage (42 percent).

“These results further shed light on ransomware, where now, any and all types of sensitive data are targeted and can lead successful extortion,” continued Grossman.

Download the full survey findings here.